143 lines
3.1 KiB
JavaScript
143 lines
3.1 KiB
JavaScript
const fs = require('node:fs');
|
|
const path = require('node:path');
|
|
const bcrypt = require('bcryptjs');
|
|
const postgres = require('postgres');
|
|
|
|
function loadEnvFile(filePath) {
|
|
if (!fs.existsSync(filePath)) {
|
|
return;
|
|
}
|
|
|
|
const content = fs.readFileSync(filePath, 'utf8');
|
|
|
|
for (const rawLine of content.split(/\r?\n/)) {
|
|
const line = rawLine.trim();
|
|
|
|
if (!line || line.startsWith('#')) {
|
|
continue;
|
|
}
|
|
|
|
const separatorIndex = line.indexOf('=');
|
|
|
|
if (separatorIndex === -1) {
|
|
continue;
|
|
}
|
|
|
|
const key = line.slice(0, separatorIndex).trim();
|
|
let value = line.slice(separatorIndex + 1).trim();
|
|
|
|
if (
|
|
(value.startsWith('"') && value.endsWith('"')) ||
|
|
(value.startsWith("'") && value.endsWith("'"))
|
|
) {
|
|
value = value.slice(1, -1);
|
|
}
|
|
|
|
if (!(key in process.env)) {
|
|
process.env[key] = value;
|
|
}
|
|
}
|
|
}
|
|
|
|
function loadLocalEnv() {
|
|
loadEnvFile(path.resolve(process.cwd(), '.env.local'));
|
|
loadEnvFile(path.resolve(process.cwd(), '.env'));
|
|
}
|
|
|
|
function requireEnv(name) {
|
|
const value = process.env[name]?.trim();
|
|
|
|
if (!value) {
|
|
throw new Error(`Missing required environment variable: ${name}`);
|
|
}
|
|
|
|
return value;
|
|
}
|
|
|
|
async function main() {
|
|
loadLocalEnv();
|
|
|
|
const databaseUrl = requireEnv('DATABASE_URL');
|
|
const email = requireEnv('SUPER_ADMIN_EMAIL').toLowerCase();
|
|
const password = requireEnv('SUPER_ADMIN_PASSWORD');
|
|
const name = process.env.SUPER_ADMIN_NAME?.trim() || 'Super Admin';
|
|
const resetPassword = process.env.SUPER_ADMIN_RESET_PASSWORD === 'true';
|
|
|
|
if (password.length < 8) {
|
|
throw new Error('SUPER_ADMIN_PASSWORD must be at least 8 characters long');
|
|
}
|
|
|
|
const sql = postgres(databaseUrl, { prepare: false });
|
|
|
|
try {
|
|
const existingUsers = await sql`
|
|
select id, system_role
|
|
from users
|
|
where email = ${email}
|
|
limit 1
|
|
`;
|
|
|
|
const passwordHash = await bcrypt.hash(password, 10);
|
|
|
|
if (existingUsers.length === 0) {
|
|
const id = crypto.randomUUID();
|
|
|
|
await sql`
|
|
insert into users (
|
|
id,
|
|
name,
|
|
email,
|
|
password_hash,
|
|
system_role,
|
|
active_organization_id
|
|
) values (
|
|
${id},
|
|
${name},
|
|
${email},
|
|
${passwordHash},
|
|
${'super_admin'},
|
|
${null}
|
|
)
|
|
`;
|
|
|
|
console.log(`Created super admin user: ${email}`);
|
|
return;
|
|
}
|
|
|
|
const user = existingUsers[0];
|
|
|
|
if (resetPassword) {
|
|
await sql`
|
|
update users
|
|
set
|
|
name = ${name},
|
|
system_role = ${'super_admin'},
|
|
password_hash = ${passwordHash},
|
|
updated_at = now()
|
|
where id = ${user.id}
|
|
`;
|
|
|
|
console.log(`Promoted and reset password for super admin user: ${email}`);
|
|
return;
|
|
}
|
|
|
|
await sql`
|
|
update users
|
|
set
|
|
name = ${name},
|
|
system_role = ${'super_admin'},
|
|
updated_at = now()
|
|
where id = ${user.id}
|
|
`;
|
|
|
|
console.log(`Ensured super admin role for user: ${email}`);
|
|
} finally {
|
|
await sql.end();
|
|
}
|
|
}
|
|
|
|
main().catch((error) => {
|
|
console.error('[seed-super-admin] Failed:', error.message);
|
|
process.exitCode = 1;
|
|
});
|